You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@subversion.apache.org by sv...@apache.org on 2013/11/14 05:02:47 UTC
svn commit: r1541802 - in /subversion/branches/1.8.x: ./ STATUS
subversion/mod_authz_svn/mod_authz_svn.c
Author: svn-role
Date: Thu Nov 14 04:02:47 2013
New Revision: 1541802
URL: http://svn.apache.org/r1541802
Log:
Merge r1541432 from trunk:
* r1541432
Fix potential crash in mod_authz_svn during startup if path specified
by AuthzSVNAccessFile, AuthzSVNReposRelativeAccessFile, or
AuthzSVNGroupsFile directives is not accessible.
Justification:
Crash on invalid configuration.
Votes:
+1: ivan, stefan2, rhuijben
Modified:
subversion/branches/1.8.x/ (props changed)
subversion/branches/1.8.x/STATUS
subversion/branches/1.8.x/subversion/mod_authz_svn/mod_authz_svn.c
Propchange: subversion/branches/1.8.x/
------------------------------------------------------------------------------
Merged /subversion/trunk:r1541432
Modified: subversion/branches/1.8.x/STATUS
URL: http://svn.apache.org/viewvc/subversion/branches/1.8.x/STATUS?rev=1541802&r1=1541801&r2=1541802&view=diff
==============================================================================
--- subversion/branches/1.8.x/STATUS (original)
+++ subversion/branches/1.8.x/STATUS Thu Nov 14 04:02:47 2013
@@ -187,16 +187,6 @@ Veto-blocked changes:
Approved changes:
=================
- * r1541432
- Fix potential crash in mod_authz_svn during startup if path specified
- by AuthzSVNAccessFile, AuthzSVNReposRelativeAccessFile, or
- AuthzSVNGroupsFile directives is not accessible.
- Justification:
- Crash on invalid configuration.
- Votes:
- +1: ivan, stefan2, rhuijben
-
-
* r1540044, r1540417
Fix issue 4448: hotcopy losing revprop files in packed repositories.
Justification:
Modified: subversion/branches/1.8.x/subversion/mod_authz_svn/mod_authz_svn.c
URL: http://svn.apache.org/viewvc/subversion/branches/1.8.x/subversion/mod_authz_svn/mod_authz_svn.c?rev=1541802&r1=1541801&r2=1541802&view=diff
==============================================================================
--- subversion/branches/1.8.x/subversion/mod_authz_svn/mod_authz_svn.c (original)
+++ subversion/branches/1.8.x/subversion/mod_authz_svn/mod_authz_svn.c Thu Nov 14 04:02:47 2013
@@ -91,7 +91,8 @@ create_authz_svn_dir_config(apr_pool_t *
/* canonicalize ACCESS_FILE based on the type of argument.
* If SERVER_RELATIVE is true, ACCESS_FILE is a relative
* path then ACCESS_FILE is converted to an absolute
- * path rooted at the server root. */
+ * path rooted at the server root.
+ * Returns NULL if path is not valid.*/
static const char *
canonicalize_access_file(const char *access_file,
svn_boolean_t server_relative,
@@ -104,7 +105,11 @@ canonicalize_access_file(const char *acc
else if (!svn_path_is_repos_relative_url(access_file))
{
if (server_relative)
- access_file = ap_server_root_relative(pool, access_file);
+ {
+ access_file = ap_server_root_relative(pool, access_file);
+ if (access_file == NULL)
+ return NULL;
+ }
access_file = svn_dirent_internal_style(access_file, pool);
}
@@ -126,6 +131,8 @@ AuthzSVNAccessFile_cmd(cmd_parms *cmd, v
"directives are mutually exclusive.";
conf->access_file = canonicalize_access_file(arg1, TRUE, cmd->pool);
+ if (!conf->access_file)
+ return apr_pstrcat(cmd->pool, "Invalid file path ", arg1, NULL);
return NULL;
}
@@ -145,6 +152,9 @@ AuthzSVNReposRelativeAccessFile_cmd(cmd_
conf->repo_relative_access_file = canonicalize_access_file(arg1, FALSE,
cmd->pool);
+ if (!conf->repo_relative_access_file)
+ return apr_pstrcat(cmd->pool, "Invalid file path ", arg1, NULL);
+
return NULL;
}
@@ -155,6 +165,9 @@ AuthzSVNGroupsFile_cmd(cmd_parms *cmd, v
conf->groups_file = canonicalize_access_file(arg1, TRUE, cmd->pool);
+ if (!conf->groups_file)
+ return apr_pstrcat(cmd->pool, "Invalid file path ", arg1, NULL);
+
return NULL;
}